VYPR

Phphoo3

by Phphoo3

CVEs (2)

  • CVE-2007-2534CriMay 9, 2007
    risk 0.64cvss 9.8epss 0.01

    Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are…

  • CVE-2008-3245Jul 21, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in phpHoo3.php in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 allows remote attackers to execute arbitrary SQL commands via the viewCat parameter.